Fix comment
authorMatt Caswell <matt@openssl.org>
Tue, 14 Jun 2016 09:41:00 +0000 (10:41 +0100)
committerMatt Caswell <matt@openssl.org>
Tue, 14 Jun 2016 09:41:00 +0000 (10:41 +0100)
Fix a comment following commit c2c49969e23605.

RT2388

Reviewed-by: Rich Salz <rsalz@openssl.org>
ssl/t1_lib.c

index 20d6787..9250283 100644 (file)
@@ -2521,8 +2521,7 @@ static int ssl_scan_serverhello_tlsext(SSL *s, PACKET *pkt, int *al)
      * an attack we should *always* see RI even on initial server hello
      * because the client doesn't see any renegotiation during an attack.
      * However this would mean we could not connect to any server which
-     * doesn't support RI so for the immediate future tolerate RI absence on
-     * initial connect only.
+     * doesn't support RI so for the immediate future tolerate RI absence
      */
     if (!renegotiate_seen && !(s->options & SSL_OP_LEGACY_SERVER_CONNECT)
         && !(s->options & SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION)) {